Security News > 2021 > March > Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices

Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices
2021-03-09 00:58

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content.

According to the update notes posted by Apple, the flaw stems from a memory corruption issue that could lead to arbitrary code execution when processing specially crafted web content.

The update is available for devices running iOS 14.4, iPadOS 14.4, macOS Big Sur, and watchOS 7.3.1, and as an update to Safari for MacBooks running macOS Catalina and macOS Mojave.

The weaknesses, which allow an attacker to elevate privileges and achieve remote code execution, were later exploited by the team behind the "Unc0ver" jailbreak tool to unlock almost every single iPhone model running 14.3.

It's worth noting that Huffman was also behind the discovery of an actively exploited zero-day bug in the Chrome browser that was addressed by Google last week.

Users of Apple devices or those running a vulnerable version of Chrome are advised to install the updates as soon as possible to mitigate the risk associated with the flaws.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/Mgmx_HZKI7M/apple-issues-patch-for-remote-hacking.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349